CVE-2003-0849 : Detail

Buffer overflow in net.c for cfengine 2.x before 2.0.8 allows remote attackers to execute arbitrary code via certain packets with modified length values, which is trusted by the ReceiveTransaction function when using a buffer provided by the BusyWithConnection function.

Metrics

EPSS

EPSS Score

EPSS Percentile

Exploit information

Exploit Database EDB-ID : 105

Publication date : 2003-09-26 22h00 +00:00
Author : kokanin
EDB Verified : Yes

Exploit Database EDB-ID : 23182

Publication date : 2003-09-24 22h00 +00:00
Author : jsk
EDB Verified : Yes

Exploit Database EDB-ID : 23183

Publication date : 2003-11-03 23h00 +00:00
Author : snooq
EDB Verified : Yes

Products Mentioned

Configuraton 0

Gnu>>Cfengine >> Version 2.0.0

Gnu>>Cfengine >> Version 2.0.1

Gnu>>Cfengine >> Version 2.0.2

Gnu>>Cfengine >> Version 2.0.3

Gnu>>Cfengine >> Version 2.0.4

Gnu>>Cfengine >> Version 2.0.5

Gnu>>Cfengine >> Version 2.0.5

Gnu>>Cfengine >> Version 2.0.5

Gnu>>Cfengine >> Version 2.0.5

Gnu>>Cfengine >> Version 2.0.6

Gnu>>Cfengine >> Version 2.0.7

Gnu>>Cfengine >> Version 2.0.7

Gnu>>Cfengine >> Version 2.0.7

Gnu>>Cfengine >> Version 2.0.7

Gnu>>Cfengine >> Version 2.1.0

Gnu>>Cfengine >> Version 2.1.0

Gnu>>Cfengine >> Version 2.1.0

References